cbac 0.6.1 → 0.6.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/Manifest +70 -74
- data/README.rdoc +51 -51
- data/Rakefile +39 -39
- data/cbac.gemspec +30 -31
- data/config/cbac/context_roles.rb +21 -21
- data/config/cbac/privileges.rb +50 -50
- data/context_roles.rb +21 -21
- data/init.rb +3 -3
- data/lib/cbac.rb +132 -132
- data/lib/cbac/cbac_pristine/pristine.rb +138 -135
- data/lib/cbac/cbac_pristine/pristine_file.rb +173 -170
- data/lib/cbac/cbac_pristine/pristine_permission.rb +205 -194
- data/lib/cbac/cbac_pristine/pristine_role.rb +41 -41
- data/lib/cbac/config.rb +9 -9
- data/lib/cbac/context_role.rb +27 -27
- data/lib/cbac/generic_role.rb +5 -5
- data/lib/cbac/known_permission.rb +14 -14
- data/lib/cbac/membership.rb +3 -3
- data/lib/cbac/permission.rb +5 -5
- data/lib/cbac/privilege.rb +117 -117
- data/lib/cbac/privilege_new_api.rb +56 -56
- data/lib/cbac/privilege_set.rb +29 -29
- data/lib/cbac/privilege_set_record.rb +6 -6
- data/lib/cbac/setup.rb +37 -37
- data/lib/generators/cbac/USAGE +33 -33
- data/lib/generators/cbac/cbac_generator.rb +75 -75
- data/lib/generators/cbac/copy_files/config/cbac.pristine +2 -2
- data/lib/generators/cbac/copy_files/config/context_roles.rb +17 -17
- data/lib/generators/cbac/copy_files/config/privileges.rb +25 -25
- data/lib/generators/cbac/copy_files/controllers/generic_roles_controller.rb +30 -30
- data/lib/generators/cbac/copy_files/controllers/memberships_controller.rb +22 -22
- data/lib/generators/cbac/copy_files/controllers/permissions_controller.rb +61 -61
- data/lib/generators/cbac/copy_files/controllers/upgrade_controller.rb +23 -23
- data/lib/generators/cbac/copy_files/fixtures/cbac_generic_roles.yml +9 -9
- data/lib/generators/cbac/copy_files/fixtures/cbac_memberships.yml +8 -8
- data/lib/generators/cbac/copy_files/fixtures/cbac_permissions.yml +8 -8
- data/lib/generators/cbac/copy_files/initializers/cbac_config.rb +4 -4
- data/lib/generators/cbac/copy_files/migrate/create_cbac_from_scratch.rb +59 -59
- data/lib/generators/cbac/copy_files/migrate/create_cbac_upgrade_path.rb +40 -31
- data/lib/generators/cbac/copy_files/stylesheets/cbac.css +65 -65
- data/lib/generators/cbac/copy_files/tasks/cbac.rake +345 -345
- data/lib/generators/cbac/copy_files/views/generic_roles/index.html.erb +58 -58
- data/lib/generators/cbac/copy_files/views/layouts/cbac.html.erb +18 -18
- data/lib/generators/cbac/copy_files/views/memberships/_update.html.erb +11 -11
- data/lib/generators/cbac/copy_files/views/memberships/index.html.erb +23 -23
- data/lib/generators/cbac/copy_files/views/permissions/_update_context_role.html.erb +11 -11
- data/lib/generators/cbac/copy_files/views/permissions/_update_generic_role.html.erb +11 -11
- data/lib/generators/cbac/copy_files/views/permissions/index.html.erb +39 -39
- data/lib/generators/cbac/copy_files/views/upgrade/index.html.erb +31 -31
- data/migrations/20110211105533_add_pristine_files_to_cbac_upgrade_path.rb +16 -0
- data/privileges.rb +50 -50
- data/spec/cbac_pristine_file_spec.rb +329 -329
- data/spec/cbac_pristine_permission_spec.rb +358 -358
- data/spec/cbac_pristine_role_spec.rb +85 -85
- data/spec/rcov.opts +1 -1
- data/spec/spec.opts +4 -4
- data/spec/spec_helper.rb +11 -11
- data/tasks/cbac.rake +345 -345
- data/test/fixtures/cbac_generic_roles.yml +9 -9
- data/test/fixtures/cbac_memberships.yml +8 -8
- data/test/fixtures/cbac_permissions.yml +14 -14
- data/test/fixtures/cbac_privilege_set.yml +18 -18
- data/test/test_cbac_actions.rb +71 -71
- data/test/test_cbac_authorize_context_roles.rb +39 -39
- data/test/test_cbac_authorize_generic_roles.rb +36 -36
- data/test/test_cbac_context_role.rb +50 -50
- data/test/test_cbac_privilege.rb +151 -151
- data/test/test_cbac_privilege_set.rb +50 -50
- data/test/test_helper.rb +28 -28
- metadata +14 -15
- data/nbproject/private/private.properties +0 -3
- data/nbproject/private/private.xml +0 -4
- data/nbproject/private/rake-d.txt +0 -0
- data/nbproject/project.properties +0 -9
- data/nbproject/project.xml +0 -16
data/test/test_cbac_privilege.rb
CHANGED
@@ -1,152 +1,152 @@
|
|
1
|
-
# Copyright 2010 Bert Meerman
|
2
|
-
require File.expand_path(File.join(File.dirname(__FILE__), 'test_helper'))
|
3
|
-
|
4
|
-
# ### Tests the Cbac::Privilege class
|
5
|
-
#
|
6
|
-
class CbacPrivilegeTest < ActiveSupport::TestCase
|
7
|
-
# Setup defines the PrivilegeSet that is being used by all PrivilegeTest
|
8
|
-
# methods
|
9
|
-
def setup
|
10
|
-
PrivilegeSet.add :cbac_privilege, "" unless PrivilegeSet.sets.include?(:cbac_privilege)
|
11
|
-
PrivilegeSet.add :base_inheritence_privilege, "" unless PrivilegeSet.sets.include?(:base_inheritence_privilege)
|
12
|
-
end
|
13
|
-
|
14
|
-
# Test adding get and post resources It is possible to add a resource using
|
15
|
-
# different names for actions. This method also checks if these aliases are
|
16
|
-
# all operating well.
|
17
|
-
def test_add_resources
|
18
|
-
assert_difference("Privilege.get_resources.length", 4, "GET resource was not added.") do
|
19
|
-
Privilege.resource :cbac_privilege, "add/resources/get/1", :GET
|
20
|
-
Privilege.resource :cbac_privilege, "add/resources/get/2", :get
|
21
|
-
Privilege.resource :cbac_privilege, "add/resources/get/3", :g
|
22
|
-
Privilege.resource :cbac_privilege, "add/resources/get/4", :idempotent
|
23
|
-
end
|
24
|
-
assert_difference("Privilege.post_resources.length", 3, "POST resource was not added.") do
|
25
|
-
Privilege.resource :cbac_privilege, "add/resources/post/1", :POST
|
26
|
-
Privilege.resource :cbac_privilege, "add/resources/post/2", :post
|
27
|
-
Privilege.resource :cbac_privilege, "add/resources/post/3", :p
|
28
|
-
end
|
29
|
-
end
|
30
|
-
|
31
|
-
# Test the include method for single inheritence
|
32
|
-
def test_single_inheritence
|
33
|
-
Privilege.resource :base_inheritence_privilege, "single/inheritence"
|
34
|
-
Privilege.resource :base_inheritence_privilege, "single/inheritence/post", :post
|
35
|
-
PrivilegeSet.add :cbac_single_inheritence, "PrivilegeSet for single inheritence test"
|
36
|
-
Privilege.include :cbac_single_inheritence, :base_inheritence_privilege
|
37
|
-
result = Privilege.select("single/inheritence", :get)
|
38
|
-
assert_equal true, result.any? {|set| set.name == "base_inheritence_privilege"}, "Could not find PrivilegeSet (hint: error probably belongs to other test)"
|
39
|
-
assert_equal true, result.any? {|set| set.name == "cbac_single_inheritence"}, "Single inheritence failure"
|
40
|
-
result = Privilege.select("single/inheritence/post", :post)
|
41
|
-
assert_equal true, result.any? {|set| set.name == "cbac_single_inheritence"}, "Single inheritence failure with POST method"
|
42
|
-
end
|
43
|
-
|
44
|
-
# Test the include method for multiple inheritence
|
45
|
-
def test_multiple_inheritence
|
46
|
-
Privilege.resource :base_inheritence_privilege, "multiple/inheritence"
|
47
|
-
PrivilegeSet.add :base_multiple_inheritence, "parent/ base PrivilegeSet for multiple inheritence test"
|
48
|
-
PrivilegeSet.add :cbac_multiple_inheritence, "child PrivilegeSet for multiple inheritence test"
|
49
|
-
Privilege.resource :base_multiple_inheritence, "multiple/inheritence_again"
|
50
|
-
Privilege.include :cbac_multiple_inheritence, [:base_inheritence_privilege, :base_multiple_inheritence]
|
51
|
-
result = Privilege.select("multiple/inheritence", :get)
|
52
|
-
assert_equal true, result.any? {|set| set.name == "base_inheritence_privilege"}, "Could not find PrivilegeSet (hint: error probably belongs to other test)"
|
53
|
-
assert_equal true, result.any? {|set| set.name == "cbac_multiple_inheritence"}, "Multiple inheritence failure"
|
54
|
-
result = Privilege.select("multiple/inheritence_again", :get)
|
55
|
-
assert_equal true, result.any? {|set| set.name == "cbac_multiple_inheritence"}, "Multiple inheritence failure"
|
56
|
-
end
|
57
|
-
|
58
|
-
# Inheritence must be applied if a resource is added after an inheritence call
|
59
|
-
def test_inherit_resource_after_declaration
|
60
|
-
PrivilegeSet.add :cbac_inheritence_after_declaration, "PrivilegeSet for single inheritence test"
|
61
|
-
# First, we setup the inheritence relation
|
62
|
-
Privilege.include :cbac_inheritence_after_declaration, :base_inheritence_privilege
|
63
|
-
# Then, we setup the resource connection
|
64
|
-
Privilege.resource :base_inheritence_privilege, "inheritence/after/declaration"
|
65
|
-
Privilege.resource :base_inheritence_privilege, "inheritence/after/declaration/post", :post
|
66
|
-
# Test
|
67
|
-
result = Privilege.select("inheritence/after/declaration", :get)
|
68
|
-
assert_equal true, result.any?{|set| set.name == "base_inheritence_privilege"}, "Could not find PrivilegeSet (hint: error probably belongs to other test)"
|
69
|
-
assert_equal true, result.any?{|set| set.name == "cbac_inheritence_after_declaration"}, "Resource declaration after inheritence call failed"
|
70
|
-
result = Privilege.select("inheritence/after/declaration/post", :post)
|
71
|
-
assert_equal true, result.any?{|set| set.name == "cbac_inheritence_after_declaration"}, "Resource declaration after inheritence call failed with POST method"
|
72
|
-
end
|
73
|
-
|
74
|
-
# If the inheritence functionality is used with invalid privilege_sets, an ArgumentException must be thrown
|
75
|
-
def test_inheritence_with_invalid_privilege_sets
|
76
|
-
assert_raise(ArgumentError) do
|
77
|
-
Privilege.include :cbac_privilege, :invalid_privilege_set
|
78
|
-
end
|
79
|
-
assert_raise(ArgumentError) do
|
80
|
-
Privilege.include :invalid_privilege_set, :cbac_privilege
|
81
|
-
end
|
82
|
-
end
|
83
|
-
|
84
|
-
# If an invalid action is specified, the method must raise an ArgumentError
|
85
|
-
# exception.
|
86
|
-
def test_add_incorrect_action
|
87
|
-
assert_raise(ArgumentError) do
|
88
|
-
Privilege.resource :cbac_privilege, "add/incorrect/action", :error
|
89
|
-
end
|
90
|
-
end
|
91
|
-
|
92
|
-
# If a privilege is added to a non existing PrivilegeSet, an ArgumentError
|
93
|
-
# exception must occur.
|
94
|
-
def test_add_resource_to_invalid_privilege_set
|
95
|
-
assert_raise(ArgumentError) do
|
96
|
-
Privilege.resource :cbac_privilege_error, "add/resource/to/invalid/privilege/set", :get
|
97
|
-
end
|
98
|
-
end
|
99
|
-
|
100
|
-
# Test the Privilege.select method. This method accepts a controller method
|
101
|
-
# string and an action type It returns the privilegesets that comply with this
|
102
|
-
# combination The actions post, put and delete are identical. This test aims
|
103
|
-
# at testing this assumption.
|
104
|
-
def test_select_correct
|
105
|
-
Privilege.resource :cbac_privilege, "select/correct/get", :get
|
106
|
-
Privilege.resource :cbac_privilege, "select/correct/post", :post
|
107
|
-
Privilege.resource :cbac_privilege, "select/correct/put", :post
|
108
|
-
Privilege.resource :cbac_privilege, "select/correct/delete", :post
|
109
|
-
assert_equal 1, Privilege.select("select/correct/get", :get).length
|
110
|
-
[:post, :put, :delete].each do |action|
|
111
|
-
assert_equal 1, Privilege.select("select/correct/post", action).length
|
112
|
-
assert_equal 1, Privilege.select("select/correct/put", action).length
|
113
|
-
assert_equal 1, Privilege.select("select/correct/delete", action).length
|
114
|
-
end
|
115
|
-
end
|
116
|
-
|
117
|
-
def test_exception()
|
118
|
-
begin
|
119
|
-
yield
|
120
|
-
rescue Exception => e
|
121
|
-
return e.message
|
122
|
-
end
|
123
|
-
raise "No exception was thrown"
|
124
|
-
end
|
125
|
-
|
126
|
-
# test selecting an incorrect action type
|
127
|
-
def test_select_incorrect_action_types
|
128
|
-
controller_method = "select/incorrect/action/types/get"
|
129
|
-
Privilege.resource :cbac_privilege, controller_method, :get
|
130
|
-
Privilege.select(controller_method, :get)
|
131
|
-
assert_match(/Incorrect action_type/, test_exception { Privilege.select(controller_method, :error) })
|
132
|
-
end
|
133
|
-
|
134
|
-
# If a user asks for the wrong action_type (e.g. a request is made for 'get'
|
135
|
-
# but there are only 'post' privileges or vica versa) the system will throw an
|
136
|
-
# exception as expected, but the system will also hint at the possibility of
|
137
|
-
# messing up get and post.
|
138
|
-
def test_select_the_other_action_type
|
139
|
-
controller_method = "select/the/other/action/type/get"
|
140
|
-
Privilege.resource :cbac_privilege, controller_method, :get
|
141
|
-
assert_match(/PrivilegeSets only exist for other action/, test_exception { Privilege.select(controller_method, :post) })
|
142
|
-
end
|
143
|
-
|
144
|
-
# Trying to find privileges for a set that doesn't exist, should result in an
|
145
|
-
# exception
|
146
|
-
def test_select_could_not_find_any_privilegeset
|
147
|
-
controller_method = "select/could/not/find/any/privilegeset/get"
|
148
|
-
assert_raise(RuntimeError) do
|
149
|
-
Privilege.select(controller_method, :post)
|
150
|
-
end
|
151
|
-
end
|
1
|
+
# Copyright 2010 Bert Meerman
|
2
|
+
require File.expand_path(File.join(File.dirname(__FILE__), 'test_helper'))
|
3
|
+
|
4
|
+
# ### Tests the Cbac::Privilege class
|
5
|
+
#
|
6
|
+
class CbacPrivilegeTest < ActiveSupport::TestCase
|
7
|
+
# Setup defines the PrivilegeSet that is being used by all PrivilegeTest
|
8
|
+
# methods
|
9
|
+
def setup
|
10
|
+
PrivilegeSet.add :cbac_privilege, "" unless PrivilegeSet.sets.include?(:cbac_privilege)
|
11
|
+
PrivilegeSet.add :base_inheritence_privilege, "" unless PrivilegeSet.sets.include?(:base_inheritence_privilege)
|
12
|
+
end
|
13
|
+
|
14
|
+
# Test adding get and post resources It is possible to add a resource using
|
15
|
+
# different names for actions. This method also checks if these aliases are
|
16
|
+
# all operating well.
|
17
|
+
def test_add_resources
|
18
|
+
assert_difference("Privilege.get_resources.length", 4, "GET resource was not added.") do
|
19
|
+
Privilege.resource :cbac_privilege, "add/resources/get/1", :GET
|
20
|
+
Privilege.resource :cbac_privilege, "add/resources/get/2", :get
|
21
|
+
Privilege.resource :cbac_privilege, "add/resources/get/3", :g
|
22
|
+
Privilege.resource :cbac_privilege, "add/resources/get/4", :idempotent
|
23
|
+
end
|
24
|
+
assert_difference("Privilege.post_resources.length", 3, "POST resource was not added.") do
|
25
|
+
Privilege.resource :cbac_privilege, "add/resources/post/1", :POST
|
26
|
+
Privilege.resource :cbac_privilege, "add/resources/post/2", :post
|
27
|
+
Privilege.resource :cbac_privilege, "add/resources/post/3", :p
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
31
|
+
# Test the include method for single inheritence
|
32
|
+
def test_single_inheritence
|
33
|
+
Privilege.resource :base_inheritence_privilege, "single/inheritence"
|
34
|
+
Privilege.resource :base_inheritence_privilege, "single/inheritence/post", :post
|
35
|
+
PrivilegeSet.add :cbac_single_inheritence, "PrivilegeSet for single inheritence test"
|
36
|
+
Privilege.include :cbac_single_inheritence, :base_inheritence_privilege
|
37
|
+
result = Privilege.select("single/inheritence", :get)
|
38
|
+
assert_equal true, result.any? {|set| set.name == "base_inheritence_privilege"}, "Could not find PrivilegeSet (hint: error probably belongs to other test)"
|
39
|
+
assert_equal true, result.any? {|set| set.name == "cbac_single_inheritence"}, "Single inheritence failure"
|
40
|
+
result = Privilege.select("single/inheritence/post", :post)
|
41
|
+
assert_equal true, result.any? {|set| set.name == "cbac_single_inheritence"}, "Single inheritence failure with POST method"
|
42
|
+
end
|
43
|
+
|
44
|
+
# Test the include method for multiple inheritence
|
45
|
+
def test_multiple_inheritence
|
46
|
+
Privilege.resource :base_inheritence_privilege, "multiple/inheritence"
|
47
|
+
PrivilegeSet.add :base_multiple_inheritence, "parent/ base PrivilegeSet for multiple inheritence test"
|
48
|
+
PrivilegeSet.add :cbac_multiple_inheritence, "child PrivilegeSet for multiple inheritence test"
|
49
|
+
Privilege.resource :base_multiple_inheritence, "multiple/inheritence_again"
|
50
|
+
Privilege.include :cbac_multiple_inheritence, [:base_inheritence_privilege, :base_multiple_inheritence]
|
51
|
+
result = Privilege.select("multiple/inheritence", :get)
|
52
|
+
assert_equal true, result.any? {|set| set.name == "base_inheritence_privilege"}, "Could not find PrivilegeSet (hint: error probably belongs to other test)"
|
53
|
+
assert_equal true, result.any? {|set| set.name == "cbac_multiple_inheritence"}, "Multiple inheritence failure"
|
54
|
+
result = Privilege.select("multiple/inheritence_again", :get)
|
55
|
+
assert_equal true, result.any? {|set| set.name == "cbac_multiple_inheritence"}, "Multiple inheritence failure"
|
56
|
+
end
|
57
|
+
|
58
|
+
# Inheritence must be applied if a resource is added after an inheritence call
|
59
|
+
def test_inherit_resource_after_declaration
|
60
|
+
PrivilegeSet.add :cbac_inheritence_after_declaration, "PrivilegeSet for single inheritence test"
|
61
|
+
# First, we setup the inheritence relation
|
62
|
+
Privilege.include :cbac_inheritence_after_declaration, :base_inheritence_privilege
|
63
|
+
# Then, we setup the resource connection
|
64
|
+
Privilege.resource :base_inheritence_privilege, "inheritence/after/declaration"
|
65
|
+
Privilege.resource :base_inheritence_privilege, "inheritence/after/declaration/post", :post
|
66
|
+
# Test
|
67
|
+
result = Privilege.select("inheritence/after/declaration", :get)
|
68
|
+
assert_equal true, result.any?{|set| set.name == "base_inheritence_privilege"}, "Could not find PrivilegeSet (hint: error probably belongs to other test)"
|
69
|
+
assert_equal true, result.any?{|set| set.name == "cbac_inheritence_after_declaration"}, "Resource declaration after inheritence call failed"
|
70
|
+
result = Privilege.select("inheritence/after/declaration/post", :post)
|
71
|
+
assert_equal true, result.any?{|set| set.name == "cbac_inheritence_after_declaration"}, "Resource declaration after inheritence call failed with POST method"
|
72
|
+
end
|
73
|
+
|
74
|
+
# If the inheritence functionality is used with invalid privilege_sets, an ArgumentException must be thrown
|
75
|
+
def test_inheritence_with_invalid_privilege_sets
|
76
|
+
assert_raise(ArgumentError) do
|
77
|
+
Privilege.include :cbac_privilege, :invalid_privilege_set
|
78
|
+
end
|
79
|
+
assert_raise(ArgumentError) do
|
80
|
+
Privilege.include :invalid_privilege_set, :cbac_privilege
|
81
|
+
end
|
82
|
+
end
|
83
|
+
|
84
|
+
# If an invalid action is specified, the method must raise an ArgumentError
|
85
|
+
# exception.
|
86
|
+
def test_add_incorrect_action
|
87
|
+
assert_raise(ArgumentError) do
|
88
|
+
Privilege.resource :cbac_privilege, "add/incorrect/action", :error
|
89
|
+
end
|
90
|
+
end
|
91
|
+
|
92
|
+
# If a privilege is added to a non existing PrivilegeSet, an ArgumentError
|
93
|
+
# exception must occur.
|
94
|
+
def test_add_resource_to_invalid_privilege_set
|
95
|
+
assert_raise(ArgumentError) do
|
96
|
+
Privilege.resource :cbac_privilege_error, "add/resource/to/invalid/privilege/set", :get
|
97
|
+
end
|
98
|
+
end
|
99
|
+
|
100
|
+
# Test the Privilege.select method. This method accepts a controller method
|
101
|
+
# string and an action type It returns the privilegesets that comply with this
|
102
|
+
# combination The actions post, put and delete are identical. This test aims
|
103
|
+
# at testing this assumption.
|
104
|
+
def test_select_correct
|
105
|
+
Privilege.resource :cbac_privilege, "select/correct/get", :get
|
106
|
+
Privilege.resource :cbac_privilege, "select/correct/post", :post
|
107
|
+
Privilege.resource :cbac_privilege, "select/correct/put", :post
|
108
|
+
Privilege.resource :cbac_privilege, "select/correct/delete", :post
|
109
|
+
assert_equal 1, Privilege.select("select/correct/get", :get).length
|
110
|
+
[:post, :put, :delete].each do |action|
|
111
|
+
assert_equal 1, Privilege.select("select/correct/post", action).length
|
112
|
+
assert_equal 1, Privilege.select("select/correct/put", action).length
|
113
|
+
assert_equal 1, Privilege.select("select/correct/delete", action).length
|
114
|
+
end
|
115
|
+
end
|
116
|
+
|
117
|
+
def test_exception()
|
118
|
+
begin
|
119
|
+
yield
|
120
|
+
rescue Exception => e
|
121
|
+
return e.message
|
122
|
+
end
|
123
|
+
raise "No exception was thrown"
|
124
|
+
end
|
125
|
+
|
126
|
+
# test selecting an incorrect action type
|
127
|
+
def test_select_incorrect_action_types
|
128
|
+
controller_method = "select/incorrect/action/types/get"
|
129
|
+
Privilege.resource :cbac_privilege, controller_method, :get
|
130
|
+
Privilege.select(controller_method, :get)
|
131
|
+
assert_match(/Incorrect action_type/, test_exception { Privilege.select(controller_method, :error) })
|
132
|
+
end
|
133
|
+
|
134
|
+
# If a user asks for the wrong action_type (e.g. a request is made for 'get'
|
135
|
+
# but there are only 'post' privileges or vica versa) the system will throw an
|
136
|
+
# exception as expected, but the system will also hint at the possibility of
|
137
|
+
# messing up get and post.
|
138
|
+
def test_select_the_other_action_type
|
139
|
+
controller_method = "select/the/other/action/type/get"
|
140
|
+
Privilege.resource :cbac_privilege, controller_method, :get
|
141
|
+
assert_match(/PrivilegeSets only exist for other action/, test_exception { Privilege.select(controller_method, :post) })
|
142
|
+
end
|
143
|
+
|
144
|
+
# Trying to find privileges for a set that doesn't exist, should result in an
|
145
|
+
# exception
|
146
|
+
def test_select_could_not_find_any_privilegeset
|
147
|
+
controller_method = "select/could/not/find/any/privilegeset/get"
|
148
|
+
assert_raise(RuntimeError) do
|
149
|
+
Privilege.select(controller_method, :post)
|
150
|
+
end
|
151
|
+
end
|
152
152
|
end
|
@@ -1,51 +1,51 @@
|
|
1
|
-
# Copyright 2010 Bert Meerman
|
2
|
-
require File.expand_path(File.join(File.dirname(__FILE__), 'test_helper'))
|
3
|
-
|
4
|
-
###
|
5
|
-
# Tests the Cbac::PrivilegeSet class
|
6
|
-
#
|
7
|
-
class CbacPrivilegeSetTest < ActiveSupport::TestCase
|
8
|
-
#self.fixture_path = File.join(File.dirname(__FILE__), "fixtures")
|
9
|
-
#fixtures :all
|
10
|
-
|
11
|
-
# Adds a new privilege to the PrivilegeSet.
|
12
|
-
# This test should add a new privilege and everything should be working.
|
13
|
-
def test_adding_new_privilege_set
|
14
|
-
comment = "test_adding_new_privilege_set"
|
15
|
-
assert_difference("PrivilegeSet.sets.length", 1, "Adding test PrivilegeSet") do
|
16
|
-
PrivilegeSet.add :test_adding_new_privilege_set, comment
|
17
|
-
end
|
18
|
-
assert_equal(true, PrivilegeSet.sets.include?(:test_adding_new_privilege_set), "PrivilegeSet symbol not found.")
|
19
|
-
assert_equal(comment, PrivilegeSet.sets[:test_adding_new_privilege_set].comment, "Incorrect comment.")
|
20
|
-
end
|
21
|
-
|
22
|
-
# When adding an already existing PrivilegeSet, an ArgumentError should be raised.
|
23
|
-
# PrivilegeSets can only be declared once.
|
24
|
-
def test_adding_double_privilege_sets
|
25
|
-
PrivilegeSet.add :test_adding_double_privilege_sets, ""
|
26
|
-
assert_raise(ArgumentError) do
|
27
|
-
PrivilegeSet.add :test_adding_double_privilege_sets, ""
|
28
|
-
end
|
29
|
-
end
|
30
|
-
|
31
|
-
# This privilegeset is already in the database. The id
|
32
|
-
# should therefore be identical to the id specified in the fixture.
|
33
|
-
# Also, the number of records should not change.
|
34
|
-
def test_initializing_existing_privilege_set
|
35
|
-
assert_difference("PrivilegeSet.sets.length", 1, "Adding test PrivilegeSet") do
|
36
|
-
assert_difference("Cbac::PrivilegeSetRecord.find(:all).length", 0, "Record should have been added to table") do
|
37
|
-
PrivilegeSet.add :existing_privilege_set, "Something"
|
38
|
-
end
|
39
|
-
end
|
40
|
-
end
|
41
|
-
|
42
|
-
# This privilegeset does not yet exist. A new entry should be created
|
43
|
-
# in the database. Also, the id should not be zero.
|
44
|
-
def test_initializing_new_privilege_set
|
45
|
-
assert_difference("PrivilegeSet.sets.length", 1, "Adding test PrivilegeSet") do
|
46
|
-
assert_difference("Cbac::PrivilegeSetRecord.find(:all).length", 1, "Record should not be added to table - record already exists") do
|
47
|
-
PrivilegeSet.add :test_initializing_new_privilege_set, "Something"
|
48
|
-
end
|
49
|
-
end
|
50
|
-
end
|
1
|
+
# Copyright 2010 Bert Meerman
|
2
|
+
require File.expand_path(File.join(File.dirname(__FILE__), 'test_helper'))
|
3
|
+
|
4
|
+
###
|
5
|
+
# Tests the Cbac::PrivilegeSet class
|
6
|
+
#
|
7
|
+
class CbacPrivilegeSetTest < ActiveSupport::TestCase
|
8
|
+
#self.fixture_path = File.join(File.dirname(__FILE__), "fixtures")
|
9
|
+
#fixtures :all
|
10
|
+
|
11
|
+
# Adds a new privilege to the PrivilegeSet.
|
12
|
+
# This test should add a new privilege and everything should be working.
|
13
|
+
def test_adding_new_privilege_set
|
14
|
+
comment = "test_adding_new_privilege_set"
|
15
|
+
assert_difference("PrivilegeSet.sets.length", 1, "Adding test PrivilegeSet") do
|
16
|
+
PrivilegeSet.add :test_adding_new_privilege_set, comment
|
17
|
+
end
|
18
|
+
assert_equal(true, PrivilegeSet.sets.include?(:test_adding_new_privilege_set), "PrivilegeSet symbol not found.")
|
19
|
+
assert_equal(comment, PrivilegeSet.sets[:test_adding_new_privilege_set].comment, "Incorrect comment.")
|
20
|
+
end
|
21
|
+
|
22
|
+
# When adding an already existing PrivilegeSet, an ArgumentError should be raised.
|
23
|
+
# PrivilegeSets can only be declared once.
|
24
|
+
def test_adding_double_privilege_sets
|
25
|
+
PrivilegeSet.add :test_adding_double_privilege_sets, ""
|
26
|
+
assert_raise(ArgumentError) do
|
27
|
+
PrivilegeSet.add :test_adding_double_privilege_sets, ""
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
31
|
+
# This privilegeset is already in the database. The id
|
32
|
+
# should therefore be identical to the id specified in the fixture.
|
33
|
+
# Also, the number of records should not change.
|
34
|
+
def test_initializing_existing_privilege_set
|
35
|
+
assert_difference("PrivilegeSet.sets.length", 1, "Adding test PrivilegeSet") do
|
36
|
+
assert_difference("Cbac::PrivilegeSetRecord.find(:all).length", 0, "Record should have been added to table") do
|
37
|
+
PrivilegeSet.add :existing_privilege_set, "Something"
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
42
|
+
# This privilegeset does not yet exist. A new entry should be created
|
43
|
+
# in the database. Also, the id should not be zero.
|
44
|
+
def test_initializing_new_privilege_set
|
45
|
+
assert_difference("PrivilegeSet.sets.length", 1, "Adding test PrivilegeSet") do
|
46
|
+
assert_difference("Cbac::PrivilegeSetRecord.find(:all).length", 1, "Record should not be added to table - record already exists") do
|
47
|
+
PrivilegeSet.add :test_initializing_new_privilege_set, "Something"
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
51
51
|
end
|
data/test/test_helper.rb
CHANGED
@@ -1,28 +1,28 @@
|
|
1
|
-
# Copyright 2010 Bert Meerman
|
2
|
-
|
3
|
-
# Setup ActiveRecord and ActiveSupport
|
4
|
-
ENV["RAILS_ENV"] ||= "test"
|
5
|
-
RAILS_ENV ||= "test"
|
6
|
-
require "active_record"
|
7
|
-
require "active_record/fixtures"
|
8
|
-
require "yaml"
|
9
|
-
require "erb"
|
10
|
-
require "active_support"
|
11
|
-
ActiveRecord::Base.establish_connection(
|
12
|
-
'adapter' => 'sqlite3',
|
13
|
-
'database' => 'test/db/test.sqlite3'
|
14
|
-
)
|
15
|
-
fixture_files = Dir.glob(File.join(File.dirname(__FILE__), "fixtures", "*.yml"))
|
16
|
-
fixture_files.each do |filename|
|
17
|
-
Fixtures.create_fixtures('test/fixtures', File.basename(filename, ".*"))
|
18
|
-
end
|
19
|
-
RAILS_ROOT ||= "."
|
20
|
-
|
21
|
-
# Setup cbac configuration
|
22
|
-
require "cbac"
|
23
|
-
class ActiveSupport::TestCase
|
24
|
-
include Cbac
|
25
|
-
|
26
|
-
session = Hash.new
|
27
|
-
session[:currentuser] = 1
|
28
|
-
end
|
1
|
+
# Copyright 2010 Bert Meerman
|
2
|
+
|
3
|
+
# Setup ActiveRecord and ActiveSupport
|
4
|
+
ENV["RAILS_ENV"] ||= "test"
|
5
|
+
RAILS_ENV ||= "test"
|
6
|
+
require "active_record"
|
7
|
+
require "active_record/fixtures"
|
8
|
+
require "yaml"
|
9
|
+
require "erb"
|
10
|
+
require "active_support"
|
11
|
+
ActiveRecord::Base.establish_connection(
|
12
|
+
'adapter' => 'sqlite3',
|
13
|
+
'database' => 'test/db/test.sqlite3'
|
14
|
+
)
|
15
|
+
fixture_files = Dir.glob(File.join(File.dirname(__FILE__), "fixtures", "*.yml"))
|
16
|
+
fixture_files.each do |filename|
|
17
|
+
Fixtures.create_fixtures('test/fixtures', File.basename(filename, ".*"))
|
18
|
+
end
|
19
|
+
RAILS_ROOT ||= "."
|
20
|
+
|
21
|
+
# Setup cbac configuration
|
22
|
+
require "cbac"
|
23
|
+
class ActiveSupport::TestCase
|
24
|
+
include Cbac
|
25
|
+
|
26
|
+
session = Hash.new
|
27
|
+
session[:currentuser] = 1
|
28
|
+
end
|